This was a test. You have failed it.

(Unless you didn't enter your info. In which case: good for you.)

Don't worry. Your credit card details were not transmitted when you hit the submit button.
But don't trust this claim without question. Find a technically-inclined friend to verify it for you. After all, you've already been tricked once.

Unfortunately, not every site in the Internet is trustworthy. Sometimes people will set up websites that appear to be trustworthy, but are actually used to steal your sensitive information. This practice is called phishing. Had this website been set up by less reputable people, your credit card information would have been logged and used fraudulently.

Look at the address bar. Just because a website looks like Amazon.com, that doesn't mean it is Amazon.com. Make sure the address bar shows the domain name you expect. A common phishing trick is to have a domain like amazon.com.not.ru, which steals your credentials when you try to log in. The actual domain in this example is "not.ru," but people often only check to see if "amazon.com" is anywhere in the address bar.

E-mails from phishers are usually addressed to a generic user. At best they will have your e-mail address in them. Real e-mails from websites you use will contain more substantial information about you. For example, Paypal has a policy of always putting your Paypal username in correspondence.

If asked for your password by e-mail or phone, do not give it out. The only place you should enter your password is a login form.

Do not use a debit card for online commerce. In the United States, debit card fraud is much more harmful than credit card fraud. For credit cards, you have a longer period of time in which you can flag a purchase as fraudulent. Also, a credit card is billed to you, while a debit card purchase immediately takes money out of your checking account.